Assessment of it security risks
different types of security, threats, and vulnerabilities
security procedures for business continuity
it security risks assessment and treatment
it security solutions
configuration of firewall policies and third-party VPNs
implementation of network security ...
,As Junior Information Security Analyst, this report has been written on request for
AKI Investments Ltd, to critically assess their system.
While assessing AKI Investments system, a security breach has been discovered in
the finance department, which we will see on this report, that was successfully
resolved.
A quick overview of content of this report:
Different types of security, risk, vulnerabilities, and threats.
An evaluation of physical and virtual security measure to ensure integrity of
the AKI Investments Ltd system.
Implementation of the network security of the financial department by
explaining how DMZ can be implemented.
Security Awareness Handbook of AKI Investments Ltd.
2
,Security vulnerabilities are any flaws that could be exploited by bad actors. The ISO
27002 standard defines a vulnerability as a flaw in a resource or group of resources
that can be exploited by one or more threats.
Dosal, E. (2020). Available at: https://www.compuquip.com/blog/computer-
security-vulnerabilities
Types of security vulnerabilities:
Security Misconfiguration - A security misconfiguration exposes your company
to online dangers by leaving insufficient security in servers or web
applications.
SQL Injection - One of the most popular security attacks is SQL injection. It is
done by "injecting" a harmful payload into a web website or program, which
has the potential to destroy your data.
Broken Authentication - When authentication keys are lost, stolen, or
breached, malicious players may pretend to be the intended user to obtain
access to sensitive systems and data.
3
, Security threats are any threats to deliberately target a computer system with
the intention of coercing an insured into handing over cash, securities, or other
valuable tangible or intangible property.
Orion Cassetto Director, Product Marketing (2022). Available at:
https://www.exabeam.com/information-security/cyber-security-threat/
Types of security threats:
Malware - Malicious software includes malware, viruses, adware, and
blackmail.
Passwords Attacks - A computer attacker has access to an abundance of
data with the correct passcode.
Phishing - Phishing attacks use phoney correspondence, like an email, to con
the recipient into reading it and following the directions contained therein, like
entering a credit card number.
The bad consequences that result from a danger to the secrecy, integrity, or
availability of information are included in the concept of security risk.
Watts, S. (2008). Available at: https://www.bmc.com/blogs/security-vulnerability-
vs-threat-vs-risk-whats-difference/
Depending on the vulnerability's characteristics and the sort of threat, the possible
loss or harm can change when it is exploited. If a weakness is successfully exploited,
some potential outcomes include:
Confidential data being accessed without authorization.
Functioning disruptions in the workplace.
Malware contamination.
Financial setback.
A diminished image.
A strategy for internet security is a subset of business continuity planning. Business
continuity planning is the process of creating a strategy to identify key business risks
that could cause significant disruption, preventing them where practical, and
preparing to enable crucial processes to continue where practical.
When it comes to cyber security, the same rules that apply to any business
4
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur mihaelaturtucaianu. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €15,56. Vous n'êtes lié à rien après votre achat.
